sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code

dsdb-operational: Implement msDS-UserPasswordExpiryTimeComputed

Browse Source 
This assists in testing this aspect of
msDS-User-Account-Control-Computed, and is exposed in AD for clients
to query.

Andrew Bartlett

Change-Id: I10fd214b0585a16f8addb00c252f656419a03f4a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andrew Bartlett 2013-10-29 15:44:15 +13:00 committed by Stefan Metzmacher
parent 1d266b4938
commit 77e4beb0e0
1 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
source4/dsdb/samdb/ldb_modules/operational.c
View File

@ -760,6 +760,43 @@ static int construct_msds_user_account_control_computed(struct ldb_module *modul
msDS_User_Account_Control_Computed);
}
/*
construct msDS-UserPasswordExpiryTimeComputed
*/
static int construct_msds_user_password_expiry_time_computed(struct ldb_module *module,
struct ldb_message *msg, enum ldb_scope scope,
struct ldb_request *parent)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
struct ldb_dn *nc_root;
int64_t password_expiry_time;
int ret;
ret = dsdb_find_nc_root(ldb, msg, msg->dn, &nc_root);
if (ret != 0) {
ldb_asprintf_errstring(ldb,
"Failed to find NC root of DN: %s: %s",
ldb_dn_get_linearized(msg->dn),
ldb_errstring(ldb));
return ret;
}
if (ldb_dn_compare(nc_root, ldb_get_default_basedn(ldb)) != 0) {
/* Only calculate this on our default NC */
return 0;
}
password_expiry_time
= get_msds_user_password_expiry_time_computed(module, msg,
nc_root);
return samdb_msg_add_int64(ldb,
msg->elements, msg,
"msDS-UserPasswordExpiryTimeComputed",
password_expiry_time);
}
struct op_controls_flags {
bool sd;
bool bypassoperational;
@ -815,6 +852,13 @@ static const char *user_account_control_computed_attrs[] =
};
static const char *user_password_expiry_time_computed_attrs[] =
{
"pwdLastSet",
NULL
};
/*
a list of attribute names that are hidden, but can be searched for
using another (non-hidden) name to produce the correct result
@ -831,7 +875,9 @@ static const struct op_attributes_replace search_sub[] = {
{ "msDS-isRODC", "objectClass", objectCategory_attr, construct_msds_isrodc },
{ "msDS-KeyVersionNumber", "replPropertyMetaData", NULL, construct_msds_keyversionnumber },
{ "msDS-User-Account-Control-Computed", "userAccountControl", user_account_control_computed_attrs,
construct_msds_user_account_control_computed }
construct_msds_user_account_control_computed },
{ "msDS-UserPasswordExpiryTimeComputed", "userAccountControl", user_password_expiry_time_computed_attrs,
construct_msds_user_password_expiry_time_computed }
};